Bug#1066898: tracker-extract: always crash - related to sandboxing making chmod from fontconfig to always fail

2024-03-18 Thread Alban Browaeys 
Could you publish a tracker-miners 3.7 debian release for unstable?

I was preparing a salsa MR but it turns out that tracker-miners 3.7 was
released today and contains these two fixes.


The chmod sigsys giving an endless loop of coredumps is fixed by:
https://gitlab.gnome.org/GNOME/tracker-miners/-/commit/883f97e32e42df4db66005a1e8f48ba084ec7cac
reported upstream at 


https://gitlab.gnome.org/GNOME/tracker-miners/-/issues/320
[46.rc] Program terminated with signal SIGSYS, Bad system call.
MR:
https://gitlab.gnome.org/GNOME/tracker-miners/-/merge_requests/516
 libtracker-miners-common: Disallow chmod/fchmod with soft errors 



The /etc/fonts/fonts.conf read error is fixed:
https://gitlab.gnome.org/GNOME/tracker-miners/-/commit/ce81b1d1c999ee3c0046f3f09876b00028c5cccd
 libtracker-miners-common: Allow readonly access to /etc/fonts 



Cheers,
Alban


On Fri, 15 Mar 2024 06:30:12 +0100 Alban Browaeys 
wrote:
> Package: tracker-extract
> Version: 3.7~rc-3
> Severity: grave
> Justification: renders package unusable
> 
> Dear Maintainer,
> 
>    * What led up to the situation?
>    I believe upgrading to Sid from Trixie a few days ago.
> 
> 
> mars 15 06:10:37 hermes tracker-miner-fs-3[1633275]: Fontconfig
error: Cannot load default config file: Unable to open
/etc/fonts/fonts.conf
> mars 15 06:10:37 hermes tracker-miner-fs-3[1633275]: Disallowed
syscall "chmod" caught in sandbox
> mars 15 06:10:37 hermes systemd[1]: Started
systemd-coredump@33956-1633288-0.service - Process Core Dump (PID
1633288/UID 0).
> mars 15 06:10:38 hermes systemd[1]: Started
drkonqi-coredump-processor@33956-1633288-0.service - Pass systemd-
coredump journal entries to relevant user for potential DrKonqi
handling.
> mars 15 06:10:38 hermes systemd-coredump[1633289]: Removed old
coredump core.tracker-
extract.1000.4370b7ec7f8d4cf8998826bce50c6f8b.1553954.171047636300.
zst.
> mars 15 06:10:38 hermes drkonqi-coredump-processor[1633290]: Entry
doesn't look like a dump. This may have been a vaccum run. Nothing to
process.
> mars 15 06:10:38 hermes systemd-coredump[1633289]: [] Process
1633275 (tracker-extract) of user 1000 dumped core.
> 
>    Module
libsystemd.so.0 from deb systemd-255.4-1+b1.amd64
>    Module
libudev.so.1 from deb systemd-255.4-1+b1.amd64
>    Module
libarchive.so.13 from deb libarchive-3.7.2-1.1.amd64
>    Module
libzstd.so.1 from deb libzstd-1.5.5+dfsg2-2.amd64
>    Stack trace of
thread 1633287:
>    #0 
0x7f50633aa207 __tgkill (libc.so.6 + 0x10a207)
>    #1 
0x7f50632dc510 __restore_rt (libc.so.6 + 0x3c510)
>    #2 
0x7f50633975a7 __GI___chmod (libc.so.6 + 0xf75a7)
>    #3 
0x7f5062297d68 FcDirCacheWrite (libfontconfig.so.1 + 0xbd68)
>    #4 
0x7f50622a200b FcDirCacheScan (libfontconfig.so.1 + 0x1600b)
>    #5 
0x7f50622a2283 IA__FcDirCacheRead (libfontconfig.so.1 + 0x16283)
>    #6 
0x7f506229c7f1 FcConfigAddDirList (libfontconfig.so.1 + 0x107f1)
>    #7 
0x7f506229c8c4 IA__FcConfigBuildFonts (libfontconfig.so.1 +
0x108c4)
>    #8 
0x7f50622a8d8c FcInitLoadOwnConfigAndFonts (libfontconfig.so.1 +
0x1cd8c)
>    #9 
0x7f5062298f26 FcConfigEnsure (libfontconfig.so.1 + 0xcf26)
>    #10
0x7f5062298f8d FcConfigInit (libfontconfig.so.1 + 0xcf8d)
>    #11
0x7f50573a3415 init_in_thread (libpangoft2-1.0.so.0 + 0xc415)
>    #12
0x7f50638ffab1 g_thread_proxy (libglib-2.0.so.0 + 0x87ab1)
>    #13
0x7f506332845c start_thread (libc.so.6 + 0x8845c)
>    #14
0x7f50633a8bbc __clone3 (libc.so.6 + 0x108bbc)
> 
>    Stack trace of
thread 1633280:
>    #0 
0x7f50633a1059 syscall (libc.so.6 + 0x101059)
>    #1 
0x7f506392dc90 g_cond_wait_until (libglib-2.0.so.0 + 0xb5c90)
>    #2 
0x7f506389c143 g_async_queue_pop_intern_unlocked (libglib-2.0.so.0
+ 0x24143)
>    #3 
0x7f50639004ba

Bug#1066898: tracker-extract: always crash - related to sandboxing making chmod from fontconfig to always fail

2024-03-14 Thread Alban Browaeys 
Package: tracker-extract
Version: 3.7~rc-3
Severity: grave
Justification: renders package unusable

Dear Maintainer,

   * What led up to the situation?
   I believe upgrading to Sid from Trixie a few days ago.


mars 15 06:10:37 hermes tracker-miner-fs-3[1633275]: Fontconfig error: Cannot 
load default config file: Unable to open /etc/fonts/fonts.conf
mars 15 06:10:37 hermes tracker-miner-fs-3[1633275]: Disallowed syscall "chmod" 
caught in sandbox
mars 15 06:10:37 hermes systemd[1]: Started 
systemd-coredump@33956-1633288-0.service - Process Core Dump (PID 1633288/UID 
0).
mars 15 06:10:38 hermes systemd[1]: Started 
drkonqi-coredump-processor@33956-1633288-0.service - Pass systemd-coredump 
journal entries to relevant user for potential DrKonqi handling.
mars 15 06:10:38 hermes systemd-coredump[1633289]: Removed old coredump 
core.tracker-extract.1000.4370b7ec7f8d4cf8998826bce50c6f8b.1553954.171047636300.zst.
mars 15 06:10:38 hermes drkonqi-coredump-processor[1633290]: Entry doesn't look 
like a dump. This may have been a vaccum run. Nothing to process.
mars 15 06:10:38 hermes systemd-coredump[1633289]: [] Process 1633275 
(tracker-extract) of user 1000 dumped core.

   Module libsystemd.so.0 from 
deb systemd-255.4-1+b1.amd64
   Module libudev.so.1 from deb 
systemd-255.4-1+b1.amd64
   Module libarchive.so.13 from 
deb libarchive-3.7.2-1.1.amd64
   Module libzstd.so.1 from deb 
libzstd-1.5.5+dfsg2-2.amd64
   Stack trace of thread 
1633287:
   #0  0x7f50633aa207 
__tgkill (libc.so.6 + 0x10a207)
   #1  0x7f50632dc510 
__restore_rt (libc.so.6 + 0x3c510)
   #2  0x7f50633975a7 
__GI___chmod (libc.so.6 + 0xf75a7)
   #3  0x7f5062297d68 
FcDirCacheWrite (libfontconfig.so.1 + 0xbd68)
   #4  0x7f50622a200b 
FcDirCacheScan (libfontconfig.so.1 + 0x1600b)
   #5  0x7f50622a2283 
IA__FcDirCacheRead (libfontconfig.so.1 + 0x16283)
   #6  0x7f506229c7f1 
FcConfigAddDirList (libfontconfig.so.1 + 0x107f1)
   #7  0x7f506229c8c4 
IA__FcConfigBuildFonts (libfontconfig.so.1 + 0x108c4)
   #8  0x7f50622a8d8c 
FcInitLoadOwnConfigAndFonts (libfontconfig.so.1 + 0x1cd8c)
   #9  0x7f5062298f26 
FcConfigEnsure (libfontconfig.so.1 + 0xcf26)
   #10 0x7f5062298f8d 
FcConfigInit (libfontconfig.so.1 + 0xcf8d)
   #11 0x7f50573a3415 
init_in_thread (libpangoft2-1.0.so.0 + 0xc415)
   #12 0x7f50638ffab1 
g_thread_proxy (libglib-2.0.so.0 + 0x87ab1)
   #13 0x7f506332845c 
start_thread (libc.so.6 + 0x8845c)
   #14 0x7f50633a8bbc 
__clone3 (libc.so.6 + 0x108bbc)

   Stack trace of thread 
1633280:
   #0  0x7f50633a1059 
syscall (libc.so.6 + 0x101059)
   #1  0x7f506392dc90 
g_cond_wait_until (libglib-2.0.so.0 + 0xb5c90)
   #2  0x7f506389c143 
g_async_queue_pop_intern_unlocked (libglib-2.0.so.0 + 0x24143)
   #3  0x7f50639004ba 
g_thread_pool_wait_for_new_task (libglib-2.0.so.0 + 0x884ba)
   #4  0x7f50638ffab1 
g_thread_proxy (libglib-2.0.so.0 + 0x87ab1)
   #5  0x7f506332845c 
start_thread (libc.so.6 + 0x8845c)
   #6  0x7f50633a8bbc 
__clone3 (libc.so.6 + 0x108bbc)

   Stack trace of thread 
1633275:
   #0  0x7f50639db4a5 
elf_get_dynamic_info (ld-linux-x86-64.so.2 + 0x74a5)
   #1  0x7f50639dc4e5 
_dl_map_object (ld-linux-x86-64.so.2 + 0x84e5)
   #2  0x7f50639d66d1 
openaux (ld-linux-x86-64.so.2 + 0x26d1)
   #3  0x7f50639d5489 
__GI__dl_catch_exception (ld-linux-x86-64.so.2 + 0x1489)